Security News

Downgrade attack lets any user take over - just ask for old-style access to the debugging port and you won't need a password

An unpatched vulnerability in the TP-Link SR20 smart hub and router can be exploited to achieve arbitrary command execution, a security researcher has discovered.  read more

However, an attacker would need to already be on the local network to be successful.

Cisco this week revealed that patches released in January for vulnerabilities in Small Business RV320 and RV325 routers were incomplete. The flaws have been exploited in live attacks.  read more

Google security engineer emits SR20 PoC exploit after manufacturer fails to respond TP-Link's all-in-one SR20 Smart Home Router allows arbitrary command execution from a local network connection,...

Cisco RV320 and RV325 WAN VPN routers are still vulnerable to attack through two flaws that Cisco had supposedly patched. #Cisco Small Business Routers still vulnerable to remote code execution &...

Chinese kit slinger was told of UPnP flaw in 2013, didn't do too much about it Exclusive Huawei bungled its response to warnings from an ISP's code review team about a security vulnerability...

The networking giant issued 27 patches impacting a wide range of its products running the ISO XE software.

RV110W, RV130W and RV215W models need patching Cisco has patched three of its RV-series routers after Pen Test Partners (PTP) found them using hoary old C function strcpy insecurely in login...

Cisco released security patches this week to address a Critical vulnerability in several wireless routers that allows an attacker to remotely execute code on the impacted devices.  read more